support cards which only have ALG_RSA_CRT#5
support cards which only have ALG_RSA_CRT#5fishsoupisgood wants to merge 1 commit intomakinako:masterfrom
Conversation
darconeous
left a comment
darconeous
left a comment
There was a problem hiding this comment.
I'm not associated with this project, but I had a look over the changes and figured I would throw in my $0.02. Take it with a grain of salt.
-
You may want to consider gating this capability by adding a feature flag.
-
Now that you added support for
RSAPrivateCrtKey, consider implementing all of the types (ELEMENT_RSA_P,ELEMENT_RSA_Q, etc.) thatRSAPrivateCrtKeyseems to support:OpenFIPS201/src/com/makina/security/OpenFIPS201/PIVKeyObjectPKI.java
Lines 108 to 133 in 8adcbcf
| public void setPrivateExponent(byte[] buffer, short offset, short length) { | ||
| if (privateKey == null) allocate(); | ||
| privateKey.setExponent(buffer, offset, length); | ||
| ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); |
There was a problem hiding this comment.
Given the next few lines, I'm guessing this line was included in error.
| public final class PIVKeyObjectPKI extends PIVKeyObject { | ||
|
|
||
| private RSAPrivateKey privateKey; | ||
| private Key privateKey; |
There was a problem hiding this comment.
Instead of Key, should this be PrivateKey?
| public void setModulus(byte[] buffer, short offset, short length) { | ||
| if (privateKey == null || publicKey == null) allocate(); | ||
| privateKey.setModulus(buffer, offset, length); | ||
| ISOException.throwIt(ISO7816.SW_FUNC_NOT_SUPPORTED); |
There was a problem hiding this comment.
Same comment as that from line 156 above: I'm guessing this line was added in error.
| try { | ||
| keyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_1024); | ||
| } catch (CryptoException e) { | ||
| if (e.getReason() == CryptoException.NO_SUCH_ALGORITHM) { |
| try { | ||
| keyPair = new KeyPair(KeyPair.ALG_RSA, KeyBuilder.LENGTH_RSA_2048); | ||
| } catch (CryptoException e) { | ||
| if (e.getReason() == CryptoException.NO_SUCH_ALGORITHM) { |
2 participants
None of the smartcards I tried (various JavaCOS, NXP, SmartCafe Expert) supported KeyPair(KeyPair.ALG_RSA, ...) only KeyPair.ALG_RSA_CRT.
This patch detects that and switches to using KeyPair.ALG_RSA_CRT.